Banking Trojan Bankbot has made its way into the Google Play Store again, just months after its first removal in April.

Initially discoveredin early 2017, the malware created fake overlay screens that looked like the login pages of popular banking apps. Once you entered your username and password, the data was passed onto cybercriminals.

But the newest Bankbot is even smarter than previous versions - waiting 20 minutes after its download before installing itself - a trait that may have helped it bypass Google's Play Protect.

"The banking Trojan has been evolving throughout the year, resurfacing in different versions both on and outside Google Play," said Slovakia-based IT security firm ESET earlier this week. "The variant we discovered on Google Play on September 4 is the first one to successfully combine the recent steps of BankBot’s evolution."

Once the APK (Android application package) installs itself and obtains administrator privileges, the malware steals a person's payment card data by creating a fake overlay for the Play Store app, which comes installed on every Android device.

The next time a victim opens the Play Store, a fake screen that asks for his credit card number appears. Once he enters it, the info is sent directly to hackers.

Bankbot was found hidden inside Jewels Star Classic, a game that entered the Google Play Store on Aug. 26 and was updated on September 4. At the time of its removal three days later, it had been downloaded by at least 5,000 users.

Here's how to protect yourself from Android malware:

1. Don't open files that you don't recognize.2. Don't install apps from third-party sources.3. Install updates as soon as they become available.4. Use anti-virus software on all Android-based devices.

As of last spring, an estimated 1.3 to 1.4 billion people owned Android phones, which are easier to infiltrate than iOS-based devices. The Google-developed operating system is "more open and adaptable" - a growing problem for developers and users.

In 2016, SophosLabs processed more than 8.5 million suspicious Android applications, and more than 50 percent were a form of malicious software or adware.